1 Team Challenger
Brian Padalino, Sammy Lin, Arnold Perez, Helen Chen

2 Group Communication Authentication
Huang, Q. et al “Fast Authenticated Key Establishment Protocols for Self-Organizing Sensor Networks” (2003) International Conference on Sensor Wireless Networks and Applications pp.141 I

3 Sensor Networks Background:
Supports dynamic scenarios, large scale, real-time data processing
Does not require any centralized administration or fixed infrastructure
Authentication between sensor nodes and security managers

4 Sensor Networks Problems
Sensors have limited power supply and computational resources
Should only send out packets when necessary to help save power
Accurately authenticate with a security manager without using an online centralized database

5 Sensor Networks Authentication solutions
A hybrid authentication key establishment protocol:
symmetric key cryptographic operations
elliptic curve implicit certificates

6 Sensor Networks Implementation
Elliptic Curve Cryptography
Symmetric-Key Operations
Certificates
Certificate contains public key, device ID and certification expiration date, digitally signed
Certificates are acquired before a sensor can join the network

7 Trust Groups
Keoh, S.L. et al “Towards flexible Credential Verification in Mobile Ad-hoc Networks” (2002) Annual International Workshop on Principles of Mobile Computing, Toulouse, France pp. 58

8 System Implementation

9 XML Credential Generator
Key Management
Every device maintains a key ring that contains a list of trusted public keys and their associated trustworthiness level.
Ensures that only trusted public keys are considered when checking assertions.
XML Credential Generator
Used to group the user’s credentials together in order to create a readable credential assertion statement (CAS).

10 Security Assertion Module
Main functionality is to issue assertions to other users after successfully verifying the credentials listed in the CAS.
Verification and Validation Module
Used to determine whether a CAS is authentic and based on authentic credentials.
When a user presents his/her CAS together with the corresponding ASSs, the V&V checks the signatures against the key ring to determine whether the assertions can be trusted.

11 Group Communication Security
Contributory key agreement
1) Group Diffie-Hellman key exchange
2) Key trees

12 Diffie-Hellman Key exchange
Alice picks BK=x Bob Picks BK=y 1 p, , K=x mod p 2 K= y mod p Bob computes K BK = (x mod p)y = xy mod p Alice computes K BK = (y mod p)x = xy mod p The shared secret key

13 Key trees
$K_p = (BK_{(L)})^{K_{(R)}} \bmod p = (BK_{(R)})^{K_{(L)}} \bmod p = f(K_{(L)} K_{(R)})$
[Figure: key tree with nodes labelled <0,0>; <1,0>, <1,1>; <2,0> to <2,3>; and level-3 nodes including <3,0>, <3,6>, <3,7>]

14 Problems and Solutions
Join, Leave, Partition and Merge by Updating Current Tree
[Figure: key tree with nodes labelled <0,0>; <1,0>, <1,1>; <2,0> to <2,3>; and level-3 nodes including <3,0>, <3,6>, <3,7>]
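The key-tree computation from slides 13 and 14, as an added example that is not part of the original presentation: each member derives the group key from its own secret and its siblings' blinded keys, and a membership event is modelled as one leaf replacing its secret. The base `G`, the modulus `P`, the function names and the four-leaf full binary tree are assumptions chosen for the demo.

```python
# Added example: tree-based contributory group key agreement (toy parameters).
P = 2**127 - 1  # demo-only prime modulus (assumption, not from the slides)
G = 3           # assumed base of the blinding function f

def f(k):
    """Blinded key BK = f(K) = G^K mod P; safe to broadcast."""
    return pow(G, k, P)

def publish_blinded(leaf_secrets):
    """Simulate the group: return per-level blinded keys (public) and the root key.

    Level 0 is the leaves. Assumes a full binary tree (leaf count is a power of 2).
    """
    keys, blinded = list(leaf_secrets), []
    while len(keys) > 1:
        bks = [f(k) for k in keys]
        blinded.append(bks)
        # Parent key K = (BK of right child)^(K of left child) mod P
        keys = [pow(bks[i + 1], keys[i], P) for i in range(0, len(keys), 2)]
    return blinded, keys[0]

def member_group_key(index, secret, blinded):
    """What one member computes: its own secret plus sibling blinded keys only."""
    k = secret
    for bks in blinded:
        k = pow(bks[index ^ 1], k, P)  # sibling's BK raised to our current K
        index >>= 1                    # move up to the parent node
    return k

def refresh(leaf_secrets, index, new_secret):
    """Membership event modelled as one leaf replacing its secret share."""
    updated = list(leaf_secrets)
    updated[index] = new_secret
    return updated

if __name__ == "__main__":
    shares = [11, 22, 33, 44]  # constructed toy secrets; use a CSPRNG in practice
    blinded, root = publish_blinded(shares)
    assert all(member_group_key(i, s, blinded) == root for i, s in enumerate(shares))
    new_blinded, new_root = publish_blinded(refresh(shares, 3, 55))
    changed = [(lvl, i) for lvl, (a, b) in enumerate(zip(blinded, new_blinded))
               for i, (x, y) in enumerate(zip(a, b)) if x != y]
    print("group key changed:", new_root != root)
    print("blinded keys re-broadcast (level, index):", changed)
```

Only the blinded keys on the refreshed leaf's path to the root change, so the update costs one broadcast per tree level. The exchange itself is unauthenticated, so the blinded keys still need to be bound to member identities, for example by signatures checked against the key ring.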

15 Project Idea
Will be implementing system outlined by “Towards Flexible Credential Verification in Mobile Ad-hoc Networks”
Will be adding certificate/assertion revocations and some sort of blacklisting policy for untrustworthy nodes to increase security of the proposed system.

16 Project Idea (cont.)
Will be building a game on top of our system to demo what it can do.
Social engineering game geared towards building and losing trust.
Player must try and obtain as much ASS as possible. Then use that ASS to get more ASS.

17 Papers to be used…
“Towards a human trust model for mobile ad-hoc networks,” Licia Capra
“A certificate revocation scheme for wireless ad-hoc networks,” Claude Crepeau and Carlton Davis
“Trust and establishment of ad-hoc communities,” Sye Long Keoh and Emil Lupu
